From Bugzilla Helper:
User-Agent: Mozilla/4.74 [en] (Win98; U)
Description of problem:
After using the chmod command to set the suid bit on a script, the ls -la command shows the bit to be set. However in executing
the script, it is clear that the script is only executed under the actual user's permissions.
How reproducible:
Always
Steps to Reproduce:
1.Taking a script that requires root permissions to perform some functions. Our example includes the following line:
touch $config ##$config points to a filename we are creating
chown apache $config
This script is contained in the /dev/hda6 filesystem mounted as /home and should be mounted with default mount parameters
including suid. Explicitly listing suid in the /etc/fstab file and remounting the filesytem did not affect the outcome of this problem.
2. Set the suid bit of this script, using the command:
chmod u+s scriptname
2. Use the ls -la command to view the scripts permissions:
-rwsr-x--- 1 root helpdesk 2835 Jul 29 17:27 filename
3. As a non-root user who is a member of the file's group (in this example helpdesk), run this script:
./filename
Actual Results:
1. The shell issues the following error message:
chown: /home/httpd/helpdesk/etc/aaa.conf: Operation not permitted
2. Viewing the permissions on the newly created file (referenced by $config in this example) shows that the file
belongs to the actual (real) user of the script
Expected Results:
1.The script should have created the file with the touch command so that it was owned by root and not the real user of the
script.
2. The script should have successfully changed the ownership of the file to the owner specified in the script (in this example apache)
instead of failing if the suid bit was effectively set as it appeared to be.
Additional info:
This use of chmod is documented in the man page for chmod.

Then the man page for chmod should be amended to reflect this "feature". As it currently exists, the installed man page contradicts the "features" of the
kernel. The bug would now rest with improper or inaccurate documentation. The man page for chmod should either make no reference to the suid bit,
identify it as disabled for the kernel(s) for which this is the case, or the chmod command itself should return an error message when an attempt is made
to use it to set the suid bit on a file.
Alternatively, since the "feature" is implemented by default, documentation on how to disable this feature should be provided or referenced in the chmod
man page.

The setuid bit *is* effective, just not on shell scripts, which is actually a
bash feature and documented in the bash info page.
If you absolutely need to make a shell script setuid, write the following C
program and make it setuid:
int main(int argc, char **argv) {
setuid(0); seteuid(0); setgid(0); setegid(0);
execvp("/usr/local/bin/yourscript.sh", "
}

Note

You need to
log in
before you can comment on or make changes to this bug.